use of org.wso2.carbon.identity.oauth2.bean.OAuthClientAuthnContext in project identity-inbound-auth-oauth by wso2-extensions.
the class AccessTokenIssuerTest method testIssueWithOpenIdScope.
/**
 * Issues a token for a request carrying {@code SCOPES_WITH_OPENID} and checks that the
 * response is successful, echoes those scopes and carries the expected ID token.
 *
 * <p>Only the client id is set on the {@link OAuthClientAuthnContext}; the authenticated
 * flag is left at whatever the bean defaults to.
 * NOTE(review): confirm the issuer path exercised here does not depend on that flag, or that
 * {@code setupOIDCScopeTest} arranges it.
 *
 * @param grantType grant type supplied by {@code grantTypeDataProvider}
 * @throws Exception if fixture setup or token issuance fails
 */
@Test(dataProvider = "grantTypeDataProvider")
public void testIssueWithOpenIdScope(String grantType) throws Exception {
    OAuth2AccessTokenReqDTO tokenRequest = new OAuth2AccessTokenReqDTO();
    tokenRequest.setGrantType(grantType);
    // Clone so the shared constant cannot be mutated through the request.
    tokenRequest.setScope((String[]) ArrayUtils.clone(SCOPES_WITH_OPENID));

    OAuthClientAuthnContext clientAuthnContext = new OAuthClientAuthnContext();
    clientAuthnContext.setClientId(SOME_CLIENT_ID);
    tokenRequest.setoAuthClientAuthnContext(clientAuthnContext);

    setupOIDCScopeTest(grantType, true);

    OAuth2AccessTokenRespDTO tokenResponse = AccessTokenIssuer.getInstance().issue(tokenRequest);
    assertNotNull(tokenResponse);
    assertFalse(tokenResponse.isError());

    // Authorized scopes come back as one space-delimited string.
    String[] grantedScopes = tokenResponse.getAuthorizedScopes().split(" ");
    assertTrue(Arrays.deepEquals(grantedScopes, SCOPES_WITH_OPENID));

    assertNotNull(tokenResponse.getIDToken());
    assertEquals(tokenResponse.getIDToken(), ID_TOKEN);
}
use of org.wso2.carbon.identity.oauth2.bean.OAuthClientAuthnContext in project identity-inbound-auth-oauth by wso2-extensions.
the class AccessTokenIssuerTest method testIssueWithScopes.
/**
 * Checks that a successful issuance reports the scopes the grant handler placed on the message
 * context, and that response headers added by the grant handler reach the token response.
 *
 * <p>The grant handler is a mock whose {@code issue} copies the requested scopes onto the
 * context unchanged, and {@code scopeValidator.validateScope} is stubbed to return
 * {@code null}. The asserted scopes therefore reflect the request as echoed by the stub; this
 * test does not exercise rejection or narrowing of scopes by that validator.
 *
 * @param scopes scopes placed on the token request
 * @param expectedScopeString value expected from {@code getAuthorizedScopes()}
 * @throws Exception if mock setup or token issuance fails
 */
@Test(dataProvider = "scopeDataProvider")
public void testIssueWithScopes(String[] scopes, String expectedScopeString) throws Exception {
    // Use the real scope-string builder even though OAuth2Util is statically mocked.
    when(OAuth2Util.buildScopeString(Matchers.<String[]>anyObject())).thenCallRealMethod();
    AuthorizationGrantHandler grantHandler = getMockGrantHandlerForSuccess(false);

    OAuth2AccessTokenReqDTO tokenRequest = new OAuth2AccessTokenReqDTO();
    tokenRequest.setGrantType(DUMMY_GRANT_TYPE);
    OAuthClientAuthnContext clientAuthnContext = new OAuthClientAuthnContext();
    clientAuthnContext.setClientId(SOME_CLIENT_ID);
    tokenRequest.setoAuthClientAuthnContext(clientAuthnContext);
    tokenRequest.setScope((String[]) ArrayUtils.clone(scopes));

    final ResponseHeader header = new ResponseHeader();
    header.setKey("Header");
    header.setValue("HeaderValue");
    final ResponseHeader[] expectedHeaders = { header };

    // Stub issue(): attach the headers and echo the requested scopes onto the context.
    when(grantHandler.issue(any(OAuthTokenReqMessageContext.class))).then(new Answer<Object>() {
        @Override
        public Object answer(InvocationOnMock invocation) throws Throwable {
            OAuthTokenReqMessageContext messageContext =
                    invocation.getArgumentAt(0, OAuthTokenReqMessageContext.class);
            messageContext.addProperty(OAuthConstants.RESPONSE_HEADERS_PROPERTY, expectedHeaders);
            messageContext.setScope(messageContext.getOauth2AccessTokenReqDTO().getScope());
            return new OAuth2AccessTokenRespDTO();
        }
    });

    HashMap<String, AuthorizationGrantHandler> handlersByGrantType = new HashMap<>();
    handlersByGrantType.put(DUMMY_GRANT_TYPE, grantHandler);
    mockOAuth2ServerConfiguration(handlersByGrantType);

    // Any validator the code under test constructs is replaced by the stubbed one.
    PowerMockito.whenNew(JDBCPermissionBasedInternalScopeValidator.class)
            .withNoArguments()
            .thenReturn(scopeValidator);
    when(scopeValidator.validateScope(any(OAuthTokenReqMessageContext.class))).thenReturn(null);

    OAuth2AccessTokenRespDTO tokenResponse = AccessTokenIssuer.getInstance().issue(tokenRequest);
    assertNotNull(tokenResponse);
    assertFalse(tokenResponse.isError());
    assertEquals(tokenResponse.getAuthorizedScopes(), expectedScopeString);

    // Headers set by the grant handler must be propagated to the response.
    assertNotNull(tokenResponse.getResponseHeaders());
    assertTrue(Arrays.deepEquals(tokenResponse.getResponseHeaders(), expectedHeaders));
}
use of org.wso2.carbon.identity.oauth2.bean.OAuthClientAuthnContext in project identity-inbound-auth-oauth by wso2-extensions.
the class CarbonOAuthTokenRequest method setClientAuthnContext.
/**
 * Initialises {@code oAuthClientAuthnContext} from the request attribute
 * {@code OAuthConstants.CLIENT_AUTHN_CONTEXT}.
 *
 * <p>Fails closed: when the attribute is absent or is not an {@link OAuthClientAuthnContext},
 * a fresh context is used that is explicitly marked unauthenticated and carries an error, so a
 * request with no context attached is never treated as an authenticated client.
 *
 * <p>NOTE(review): RFC 6749 section 5.2 assigns {@code invalid_client} to failed client
 * authentication, whereas this fallback pairs the message "Client Authentication Failed" with
 * {@code INVALID_REQUEST}. Confirm that is intended for the "no context on the request" case.
 *
 * @param request the incoming request; presumably an upstream component stores the context
 *                under this attribute (verify against the caller)
 */
private void setClientAuthnContext(HttpServletRequest request) {
    Object attribute = request.getAttribute(OAuthConstants.CLIENT_AUTHN_CONTEXT);
    if (!(attribute instanceof OAuthClientAuthnContext)) {
        // Missing or wrong-typed attribute (instanceof is also false for null): deny by default.
        OAuthClientAuthnContext unauthenticated = new OAuthClientAuthnContext();
        unauthenticated.setAuthenticated(false);
        unauthenticated.setErrorMessage("Client Authentication Failed");
        unauthenticated.setErrorCode(OAuthError.TokenResponse.INVALID_REQUEST);
        oAuthClientAuthnContext = unauthenticated;
        return;
    }
    oAuthClientAuthnContext = (OAuthClientAuthnContext) attribute;
}
use of org.wso2.carbon.identity.oauth2.bean.OAuthClientAuthnContext in project identity-inbound-auth-oauth by wso2-extensions.
the class OAuth2ServiceTest method testIdentityOAuth2ExceptionForRevokeTokenByOAuthClient.
/**
 * Drives {@code revokeTokenByOAuthClient} through several failure set-ups and checks that the
 * response carries the expected error message.
 *
 * <p>When {@code failClientAuthentication} is true, no client authentication context is
 * attached to the revocation request and {@code OAuth2Util.findAccessToken} is stubbed to
 * return an empty {@code AccessTokenDO}. Otherwise a context is attached that carries
 * {@code errorMsg} and {@code UNAUTHORIZED_CLIENT}. Its authenticated flag is never set here,
 * so it keeps whatever the bean defaults to.
 *
 * @param errorMsg expected error message; also placed on the authn context when one is attached
 * @param setDetails whether the consumer key and token are set on the revocation request
 * @param throwIdentityException whether the pre-revocation interceptor throws
 *                               {@code IdentityOAuth2Exception}
 * @param throwInvalidOAuthClientException whether {@code findAccessToken} is stubbed to throw
 *                                         {@code InvalidOAuthClientException}
 * @param failClientAuthentication selects between the two set-ups described above
 * @throws Exception if mock setup fails
 */
@Test(dataProvider = "ExceptionforRevokeTokenByOAuthClient")
public void testIdentityOAuth2ExceptionForRevokeTokenByOAuthClient(String errorMsg, boolean setDetails,
        boolean throwIdentityException, boolean throwInvalidOAuthClientException,
        boolean failClientAuthentication) throws Exception {
    setUpRevokeToken();
    mockStatic(IdentityTenantUtil.class);
    when(IdentityTenantUtil.getTenantId(anyString())).thenReturn(-1234);

    // Token that the mocked cache returns for any key.
    AccessTokenDO cachedToken = new AccessTokenDO();
    cachedToken.setConsumerKey("testConsumerKey");
    cachedToken.setAuthzUser(authenticatedUser);
    cachedToken.setGrantType(GrantType.CLIENT_CREDENTIALS.toString());

    OAuthRevocationRequestDTO revocationRequest = new OAuthRevocationRequestDTO();
    if (setDetails) {
        revocationRequest.setConsumerKey("testConsumerKey");
        revocationRequest.setToken("testToken");
    }
    revocationRequest.setTokenType(GrantType.CLIENT_CREDENTIALS.toString());

    if (throwIdentityException) {
        doThrow(new IdentityOAuth2Exception(""))
                .when(oAuthEventInterceptorProxy)
                .onPreTokenRevocationByClient(any(OAuthRevocationRequestDTO.class), anyMap());
    }
    if (throwInvalidOAuthClientException) {
        when(OAuth2Util.findAccessToken(anyObject(), anyBoolean()))
                .thenThrow(InvalidOAuthClientException.class);
    }

    if (!failClientAuthentication) {
        // Attach a context that carries the expected error.
        OAuthClientAuthnContext failedAuthnContext = new OAuthClientAuthnContext();
        failedAuthnContext.setErrorMessage(errorMsg);
        failedAuthnContext.setErrorCode(OAuth2ErrorCodes.UNAUTHORIZED_CLIENT);
        revocationRequest.setOauthClientAuthnContext(failedAuthnContext);
    } else {
        // No authn context on the request; this stubbing replaces any earlier thenThrow.
        when(OAuth2Util.findAccessToken(anyObject(), anyBoolean())).thenReturn(new AccessTokenDO());
    }

    when(oAuthCache.getValueFromCache(any(OAuthCacheKey.class))).thenReturn(cachedToken);
    mockStatic(OAuthCache.class);
    when(OAuthCache.getInstance()).thenReturn(oAuthCache);

    assertEquals(oAuth2Service.revokeTokenByOAuthClient(revocationRequest).getErrorMsg(), errorMsg);
}
use of org.wso2.carbon.identity.oauth2.bean.OAuthClientAuthnContext in project identity-inbound-auth-oauth by wso2-extensions.
the class OAuth2ServiceTest method testRevokeTokenByOAuthClientWithEmptyConsumerKeyAndToken.
/**
 * Checks that a revocation request with no consumer key and no token is answered with an
 * error response.
 *
 * <p>The request carries a freshly constructed {@link OAuthClientAuthnContext} with no fields
 * set, so the test does not show whether the error comes from the missing key and token or
 * from the empty context.
 *
 * @throws Exception if fixture setup fails
 */
@Test
public void testRevokeTokenByOAuthClientWithEmptyConsumerKeyAndToken() throws Exception {
    setUpRevokeToken();

    OAuthRevocationRequestDTO emptyRequest = new OAuthRevocationRequestDTO();
    OAuthClientAuthnContext blankAuthnContext = new OAuthClientAuthnContext();
    emptyRequest.setOauthClientAuthnContext(blankAuthnContext);

    assertEquals(oAuth2Service.revokeTokenByOAuthClient(emptyRequest).isError(), true);
}